package com.project.controller;

import com.baomidou.mybatisplus.core.metadata.IPage;
import com.project.bean.UserBean;
import com.project.service.IUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

/**
 * 用户controller
 */
@RestController
@RequestMapping("user")
public class UserController {

    @Autowired
    private IUserService userService;

    //登录
    @RequestMapping("login")
    public UserBean login(String userName, String pwd, HttpServletRequest request) {
        //得到主体
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken(userName,pwd));
        }catch (Exception e){
            return null;
        }
        UserBean user = (UserBean) subject.getPrincipal();
        if (user != null) {
            //在session对象中保存登录用户
            request.getSession().setAttribute("loginUser", user);
        }
        return user;
    }

    //获取登录用户对象
    @RequestMapping("getLoginUser")
    public UserBean getUser(HttpServletRequest request) {
        return (UserBean) request.getSession().getAttribute("loginUser");
    }

    //动态条件分页查询分页查询
    @RequiresPermissions({"user:findByItem"})
    @RequestMapping("findByItem")
    public IPage<UserBean> findByItem(Integer pageNO, String name) {
        return userService.findByItem(pageNO, name);
    }

    //添加用户时，用户名不能重复
    @RequiresPermissions("user:findByName")
    @RequestMapping("findByName")
    public UserBean findByName(String name) {
        return userService.findByName(name);
    }

    //添加用户
    @RequiresPermissions("user:add")
    @RequestMapping("add")
    public String add(UserBean user, Integer... roleIdArray) {
        userService.add(user, roleIdArray);
        return "ok";
    }
    //删除用户，同时删除用户拥有的角色信息
    @RequiresPermissions("user:del")
    @RequestMapping("del")
    public String del(Integer userId){
        userService.del(userId);
        return "ok";
    }

    //按照用户id。查询用户信息，同时查询用户的角色集合和权限集合
    @RequiresPermissions("user:findById")
    @RequestMapping("findById")
    public UserBean findById(Integer userId){
        return userService.findById(userId);
    }

    //通过用户id修改用户角色
    @RequiresPermissions("user:updateRole")
    @RequestMapping("updateRole")
    public String updateRole(Integer userId,Integer... newRoleArray){
        userService.updateRole(userId, newRoleArray);
        return "ok";
    }

    //修改密码
    @RequestMapping("updatePwd")
    public String updatePwd(HttpServletRequest request,String newPwd){
        UserBean loginUser = (UserBean) request.getSession().getAttribute("loginUser");
        userService.updatePwd(loginUser.getId(), newPwd);
        return "ok";
    }

    @RequiresPermissions("user:findByUserId")
    @RequestMapping("findByUserId")
    public UserBean findByUserId(HttpServletRequest request){
        UserBean loginUser = (UserBean) request.getSession().getAttribute("loginUser");
        return userService.findByUserId(loginUser.getId());
    }
}
